But, I’m Not Protecting Against A Professional Thief
Rodney, what security do you use on your home Wifi router?
None. I just hide the name.
The network guys on my team burst out laughing. They were ready to criticize me for using WEP (Wired Equivalent Privacy), instead of the more secure WPA (WiFi Protected Access) protocol. Even though I was a manager and therefore “non technical” they expected more. They started to gang up on me.
Do you realize how easy it is to find a WiFi network that doesn’t broadcast it’s SSID?
Yeah, I could find it in about 30 seconds!
And they were correct. I was working for a large non-profit in Utah and our network guys were some of the very best I’d ever worked with. The managed multiple tiers of a network that spanned the globe and was used by 30,000 users. They were that good.
Let me ask you guys something. How long do you think it would take a professional car thief to steal your car?
Ah. . .I donna know. A minute?
Probably 7 seconds to break into your locked car and less than a minute to start your car and drive it away.
So, I was close!
So, tell me. If a professional thief can break in and steal your car in less than a minute, why do you lock your doors?
Well. . .
Because you aren’t protecting your car from a professional thief. You are protecting it from a teenage kid walking through the parking lot checking for unlocked cars.
The point is that if my home network gets targeted by a professional network hacker, there’s very little I can do about it. Just like if my car gets targeted by a professional thief. But, the odds that a professional hacker is going to target me is about the same as a professional thief going after my 2001 Chevy Suburban with 250,000 miles on it.
Our data center was protected by the most sophisticated cyber defense that we could create. We used multiple layers of security and detection starting at the firewall and going all the way to the desktop. Our company was a natural target.
Just like if I had a 2013 Lamborghini, I wouldn’t just lock the doors. I’d install a tracking system, an alarm, probably use the club and otherwise make it as hard a target as possible.
But, on my little cul-d-sac where everyone knows everyone, I’m not worried about a professional hacker trying to hijack my network. I’m just not significant enough.
Rodney M Bliss is an author, blogger and IT Consultant. He lives on a small cul-d-sac in Pleasant Grove, UT with his lovely wife and 13 children. The Chevy Suburban is his family’s small car.
Follow him on
Twitter (@rodneymbliss)
Facebook (www.facebook.com/rbliss)
LinkedIn (www.LinkedIn.com/in/rbliss)
or contact him at (rbliss at msn dot com)
WPA is actually very difficult to crack. It requires very specific tools that have to be timed perfectly. You have to be actively scanning at the exact same time somebody on the network authenticates to the wireless network and even then it’s a crapshoot. Enterprise level authentication, more or less, uses the same type of authentication a rotating key, 4 way handshake. Yes, it’s still hackable, but it’s very difficult and even “professionals” would probably shy away and find another network. Using the car analogy, that would be like a thief waiting in a huge parking lot, hiding near your Suburban, waiting for you to come out and use the keyless entry remote so I can steal the frequency… except there are hundreds of others using their remotes in the parking lot and really, I have no idea who you are and whether or not you will use the regular key to unlock the door. A lot of circumstances have to come together perfectly for me to get that frequency.
As far as home networks are concerned, war driving is a very real issue. People (not necessarily professionals) will drive around and find networks to conduct their illegal activity on. Downloading pirated software, accessing bank accounts with passwords they stole, etc, etc. Suburbia is a favorite because it’s only a matter of time before you find an open network. You may hide the SSID, which yes, prevents the kid next door from connecting his iPod to your network, but it doesn’t even take 30 seconds to find a hidden network. The network still broadcasts its presence, just without an SSID. A free, 150kb wireless sniffer can do it on the fly at 25mph while I drive through the neighborhood.
Great blog post.